Hello, could you explain the process of how to get an SSL certificate for webmail.mydomain.com? I get an error during processing! How to do it? Please explore what the services generate SSL. How to generate it manually
Hi @Andrei
You can try this fix:
sudo su -
cd /usr/local/hestia/bin/
mv v-add-letsencrypt-domain v-add-letsencrypt-domain.original
wget https://raw.githubusercontent.com/hestiacp/hestiacp/64210fd8ccee8718a861856e99f9965e40ff3932/bin/v-add-letsencrypt-domain
chmod +x v-add-letsencrypt-domain
And try to issue the certificate again.
2 Likes
But i don’t see option to get for webmail.mydom.com for Roundcube
Excusme i get this error
Error: Let’s Encrypt validation status 400 (mail.mydom.co). Details: 403:“The key authorization file from the server did not match this challenge. Expected “0uEc8obtuh18ZEQ—1Gn4jcT8oHlVbzEA7oLahKvv4.xZPcyI1UeXsKTARORy48yHGV3MRqh9QwJmYzo23LCII” (got “0uEc8obtuh18ZEQ—1Gn4jcT8oHlVbzEA7oLahKvv4.m3aXvmu-ieEEGhtHtK04zgJYkQQ2hrqT921e0Pf0”)”
Show the unedited output of the log (replace YourUser and YourDomain by the actual data):
cat /var/log/hestia/LE-YourUser-YourDomain.log
Very big log, may i send it direct msg or telegram?
And i see wrong link file nginx but how to fixed it, don’t know
webmail.mydom.com.conf → /home/webman/conf/mail/mydom.com/nginx.conf
Yes, you can send me a private message
But I don’t see a buttom to send direct msg
There isn’t an option to upload files.
Use this (again, replace YourUser and YourDomain by the actual data):
sudo su -
apt install netcat-openbsd
cat /var/log/hestia/LE-YourUser-YourDomain.log | nc p.27a.net 9999
And send me via private message the url you will get.
Did you get log file?
I only got this:
^V^C^A
You should wait till you see that command returns a url.
What about now? Command has finished
I can’t see it. Did you get the url?
You can also use pastebin or similar to copy/paste the log and share the url?
Yes full url and correct, do you have telegram?
I’ve checked your domain, and mail and webmail return different results to Let’s Encrypt challenge.
$ curl -ikL http://mail.YourDomain.tld/.well-known/acme-challenge/test
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 29 Nov 2024 14:45:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mail.YourDomain.tld/.well-known/acme-challenge/test
HTTP/2 200
server: nginx
date: Fri, 29 Nov 2024 14:45:54 GMT
content-type: text/plain; charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000;
test.NXTm3aXvmu-ieEEGhtHtK04zgJYkQQ2hrqP921e0Pf0
$ curl -ikL http://webmail.YourDomain.tld/.well-known/acme-challenge/test
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Nov 2024 14:46:07 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 48
Connection: keep-alive
test.xZPcyI1UeXsKTARORy48yHGV3MRqh9QwJnYzo23LCII
So seems you added one of the subdomains (mail or webmail) manually, if that is the case, remove the subdomain and try to add again the certificate for the mail domain.
3 Likes
Thank you very much!!! Yes, now all working! 
1 Like